Re: (ASCEND) Radius (fwd)

["Tim Jung" <tjung@igateway.net>]

Might want to drop Livingston people a note and let them know that the Borland
Database engine/server has been ported to Red Hat Linux 4.2 and will be ported
to Red Hat 5.0 with commercial support soon. So if you still have good contacts
over there let them know to check into this as it is a high strength industrial
database that should work just as well for this type of project.

Tim Jung
System Admin
Internet Gateway Inc.
tjung@igateway.net

-----Original Message-----
From: MegaZone <megazone@megazone.org>
To: Ascend Users <ascend-users@bungi.com>
Date: Wednesday, July 01, 1998 3:27 PM
Subject: Re: (ASCEND) Radius (fwd)


>Once upon a time Tim Jung shaped the electrons to say...
>>hehehe exactly what you hit on, the data and call filters that in use by Ascen
>>This isn't so much a problem now since the newer Ascend code allows me to bui
>>a filter in the unit just like Livingston does and I can reference it just lik
>>I do with the Livingston in RADIUS. So that part got a little easier. But it i
>
>I was happy to see that too.
>
>>annoying to have two different idle time statements, different ISDN type
>
>There is an RFC standard for Idle-Timeout, and NAS-Port-Type, so I think
>you'd have a good case to push Ascend to use these standard elements.
>
>>statements, and a lack of simultaneous login control for all of my equipment.
>>Livingston sells (or will soon sell) RABM which doesn't run under Red Hat Linu
>
>RADIUS ABM is 100% Java, and is intended to run everywhere.  The issue is
>really the database backend.  Right now they are focused on Oracle because
>that is what users asking for RABM have been demanding the most.  And they
>are doing it on the Solaris and WinNT platforms for the same reason.  But
>the plan is most definitely to expand the database support - MS-SQL, Access,
>Informix, and SyBase were on the plan last I heard.  (Note: MySQL was
>looked at but cannot do what RABM needs, sorry.  Primarily transactions.)
>
>RABM itself would probably run on Linux, but the database connectivity piece
>isn't there for Linux yet.  You'd have to run the DB on another machine.
>In time it will come.
>
>>Linux either. So I am stuck without the features that I want and have to hack
>>them into the code myself. There are also a lot of other RADIUS feature I woul
>
>Have you looked at Cistron RADIUS?  It does simultaneous use control very,
>very well.  The first RADIUS to do what I'd been saying all along with PMs -
>use SNMP to backstop the loops in the RADIUS protocol.  And others have
>hacked modules to backstop MAXen, TCs, etc.
>
>Radiator is a more recent addition which also uses this SNMP double-check,
>and has a lot of features.  And I understand that IEA's RadiusNT does it in
>the latest release.
>
>>Examples:
>>---------------
>>Radius server assign the IPs from pools (for special routing and filters at
>>routers like email only, different news
>
>This has the same trouble simultaneous use has.  It is another example of
>resource management.  You need a POSITIVE method of knowing a resource has
>been freed or is still in use.  RADIUS, the protocol, contains timing loop
>potential.  This is where SNMP is used, for example, to fill those loopholes.
>There are some RADIUS servers that support this, but it makes me uneasy to
>see it being done on a server with no double-checks.
>
>The other issue is multiple servers.  If you have a primary and a secondary,
>or MORE, what it START and STOP go to different locations?  This becomes a
>distributed database problem.
>
>BTW, RADIUS ABM does this, and uses a distributed database backend.  Syncing
>has been left to the DB being used.
>
>>Limiting total hours per month for accounts
>>Limiting login times for users                    (Business accounts get a cut
>>rate and only login 7am-6pm M-F)
>
>Same thing here - you need to be sure of the session time used by the user.
>There are a number of patches out there for various RADIUS platforms, I
>think Cistron may do these by default, and Radiator claims to.
>
>I'm fairly sure RABM does these too.
>
>>Time of day based session length limits
>>Time of day based idle timeout limits
>
>I've seen these on various servers, and there are patches out there for this.
>
>I know these were discussed for RABM, but I'm not sure on these.
>
>>Multiple Analog login controls across multiple vendor platforms (1 or 3 or
>>whatever logins they buy)
>
>This sounds like simultaneous use control - no?  I mean, the only intelligent
>way to do simultaneous use isn't 1 or 0, it is an integer setting.  And
>the NAS vendor should not matter - all RADIUS cares about is the number of
>sessions.
>
>>Standardized filters that could be downloaded to multiple vendors to make fil
>>changes cross platforms easier
>
>This would be a major effort.  All of the vendors did filtering on their own
>basically, so the way the OS handles them varies.  And the format varies.
>I would really like to see Lucent publish ChoiceNet as an RFC, even
>informational, to develop this.
>
>-MZ
>--
><URL:mailto:megazone@megazone.org> Gweep, Discordian, Author, Engineer, me..
>Join ISP/C Internet Service Providers' Consortium <URL:http://www.ispc.org/>
>"A little nonsense now and then, is relished by the wisest men" 781-788-0130
><URL:http://www.gweep.net/>  <URL:http://www.megazone.org/>  Hail Discordia!
>++ Ascend Users Mailing List ++
>To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
>To get FAQ'd: <http://www.nealis.net/ascend/faq>

++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

---

• Prev by Date: Re: (ASCEND) Appletalk Filters for P85
• Next by Date: (ASCEND) Code for soundcard modem
• Prev by thread: Re: (ASCEND) Radius (fwd)
• Next by thread: Re: (ASCEND) Radius (fwd)
• Index(es):
  • Main
  • Thread